Four years on, how have things changed?
I think the Cloud has finally Grown Up. Always popular with development teams and leading-edge (or should that be bleeding-edge?) deployments, is it now time to see Cloud provisioning as the de-facto approach to Infrastructure requirements?
It could be argued that, for commercial organisations, Cloud really started with Software-as-a-Service (SaaS). Companies such as Salesforce.Com established the concept of outsourcing non-core business processes. (Although I suspect my sales & marketing colleagues would take exception to being categorised as "non-core"!) Within IT itself, cloud-based Service Desks such as Service-Now began to eat into traditional service desk markets.
Subsequently, the concept of Platform-as-a-Service (PaaS) began to be exploited by Development teams who wanted to spin up "Build" and "Test" environments quickly.
Compute environments were (and still are) another valuable use-case; make use of massive cpu capacity to do data analytics or asset pricing, saving having to purchase on-premise processing. This, plus the idea of just provisioning Storage (Infrastructure-as-a-Service, or IaaS), is where the questions of security and reliability came in.
Put simply; why should a company trust a third part supplier to look after its confidential data? To answer that question is to address the heart of Cloud, be it IaaS, PaaS, or SaaS.
In my view, the questions of Security are now being addressed. Many companies now conform to rigorous security rules regarding data isolation, "Chinese walls" and other practices so that even some Banks are now prepared to trust their secure data to a Cloud service.
Reliability and Availability are also being addressed. However, this does require a different philosophy to infrastructure. The approach is to view servers not as "pets" (having individual attributes, and to be nursed back to health if they get sick) but rather to treat them as "cattle" - herds of identical attributes. If one gets sick, you just kill it and use another one. But this does mean that Applications need a totally different approach.
If you want your application to be able to run on a Cloud solution, you need to recognise that whilst the environment itself may be stable, individual components themselves might fail. This is much more of an "organic" approach to resilience, compared with the older "technocratic" approach of ensuring resiliency by ensuring availability of each and every component.
So the new approach involves:
- overall infrastructure is "stateless", and runs very small "micro" ACID (Atomic, Consistent, Idolated,Durable) transactions.
- each transaction takes minimal elapsed time and can run on any host.
- very simple persistent storage mechanisms are used to store user "state" where necessary.
- failure of infrastructure does not lead to failure of applications.
Of course, all the good things we have always demanded from infrastructure (security, availability,reliability, supportability, etc. ) must still apply.
But, in the Cloud world, we deliver them in a different way - using micro-services hosted on anonymous farms of infrastructure.
Under this new philosophical approach, the focus moves to Supplier Management. Chose you Cloud Supplier with great care - your business data is in their hands.
